6 matches found
CVE-2023-32749
creationtimestamp| type| source ---|---|--- 2026-04-06 21:00:05+00:00| published-proof-of-concept| Telegram/A1qg1RolaBwsACBTI2hdl9LKX69FzxBc1xCrm7xs4Pt8oY...
CVE-2023-32749
CVE-2023-32749 affects Pydio Cells. An attacker can modify the HTTP request when creating external users, permitting assignment of arbitrary roles to the new account. If all roles are granted, the attacker gains access to all cells and non-personal workspaces. Documented impact is privilege escal...
CVE-2023-32749
Pydio Cells allows users by default to create so-called external users in order to share files with them. By modifying the HTTP request sent when creating such an external user, it is possible to assign the new user arbitrary roles. By assigning all roles to a newly created user, access to all...
CVE-2023-32749
Pydio Cells allows users by default to create so-called external users in order to share files with them. By modifying the HTTP request sent when creating such an external user, it is possible to assign the new user arbitrary roles. By assigning all roles to a newly created user, access to all...
Pydio Cells 4.1.2 - Unauthorised Role Assignments
Exploit Title: Pydio Cells 4.1.2 - Unauthorised Role Assignments Affected Versions: 4.1.2 and earlier versions Fixed Versions: 4.2.0, 4.1.3, 3.0.12 Vulnerability Type: Privilege Escalation Security Risk: high Vendor URL: https://pydio.com/ Vendor Status: notified Advisory URL:...
Pydio Cells 4.1.2 Privilege Escalation
Advisory: Pydio Cells: Unauthorised Role Assignments Pydio Cells allows users by default to create so-called external users in order to share files with them. By modifying the HTTP request sent when creating such an external user, it is possible to assign the new user arbitrary roles. By assignin...